I have installed jenkins as windows service but every time after starting the machine i have to execute it through command line using $ java -jar jenkins.war
I am not able to directly open it into web browser at http://localhost:8080/
Am i missing something? Any help will be really appreciated.
Copy original 'jenkins.war' into 'jenkins' directory and restart service
Clear the Windows event viewer logs for Application and System
Please ensure your services are running and up
Firewall Issue:The easiest way to track down firewall issues is to use tcpdump. Just run the following command on the Jenkins server, which is trying to connect to the slave.
More Info on firewall part:
By default, Windows Firewall prevents the TCP connections necessary to make this mechanism work. The firewall on the slave must allow the following exceptions (see List of TCP&UDP port numbers):
TCP Port 135 (DCE/RPC Locator service)
TCP Port 139 (NetBIOS Session Service)
TCP Port 445 (Windows shares)
C:\WINDOWS\system32\dllhost.exe (dllhost.exe seems to use a random port number)
C:\WINDOWS\system32\javaw.exe (Jenkins also uses a random port number)
File and Printer sharing (TCP 139, TCP 445, UDP 137, UDP 138 (possibly only a subset of these is required))
The issue is fixed now. I have changed the service properties. In service properties -> Log On->Select Local system account and select the checkbox for allow the service to interact with desktop
Related
I've been searching high and low for a simple explanation for this. What configuration settings do I use to connect my Sonoff RF bridge to the Mosquitto server on my computer? I'm sure it's a configuration issue but most of the tutorials out there are for rPi. My skill level in this is basic and I'm sure it may be obvious to someone what's wrong.
I'm running Mosquitto on Windows 10 and have verified that the Mosquitto server is running using netstat -a (I can see the broker is listening at 0.0.0.0:1883.
I've installed Tasmota Eclipse on my Sonoff RF Bridge and have verified it is receiving signal from my door sensor by opening the UI in my browser and viewing the console. I've tried multiple host addresses in the configuration menu; localhost, 0.0.0.0, 10.0.0.1, however Tasmota only seems to connect when I leave the host field blank.
I've tried to use MQTTlens to verify that the broker is receiving messages on port 1883 and nothing seems to be coming through.
0.0.0.0 is a short hand to tell mosquitto to listen on all the available interfaces on the machine it is running on. It is meaningless to use it in the client configuration.
Likewise, localhost always means the same machine that the code making the request is running on, so in this case it would be the Sonoff device it's self.
It looks like 10.0.0.1 is the address of your local router, unless mosquitto is actually running on the router (it is very unlikely your windows machine is your router) this again is not going to be useful.
You need to use the IP address of the Windows machine that mosquitto is running on, this is going to start with 10.0.0. running ipconfig on the command line in windows is probably the quickest/simplest way to find that address.
I have installed Jenkins in Windows server 2012 64-bit machine and want to make it available in internal network.
I have added --httpListenAddress to 0.0.0.0 and restarted Jenkins and tried to access it with http://hostname:8080 but no page shows up(though It showing Jenkins icon in URL bar). However http://localhost:8080 works fine.
Further I checked the firewall inbound rule for the Jenkins but seems it has no issues.
I tried to catch the listening ports with "netstat -aon | find /i "8080" and found <host ip address>:8080 FIN_WAIT_2 which sign towards that the request is stuck(May be I am wrong).
I am clueless what exactly is blocking to use hostname with jenkins. Please share your solution if you already fixed this issue.
You might try adding a Windows Firewall rule. Go to Windows Firewall, Advanced Configuration, Inbound Rules rule and create an Allow rule for the specific version of java.exe you have installed.
This worked for us with the drawback that every time you upgrade Java, you must also modify the firewall rule. This is because Java creates a new subfolder for every version. We've tried using %JAVA_HOME% in firewall rules but it doesn't seem to work. We were on Windows Server 2012R2 at the time.
Similar answer here: https://stackoverflow.com/a/17479566/7752
On the server open a new command prompt and type
ipconfig
You should get a list of ips. Open a browser and type each up followed by 8080 for e.g.
http://202.123.2.1:8080
If Jenkins opens up, from another computer ping the ip and see if you can get a ping reply
ping 202.123.2.1
If you get a ping reply, you can access jenkins from any pc on the network by typing in the ip and port number.
Now to get to the hostname,you need to edit your host file
c:\Windows\System32\Drivers\etc\hosts
Type in the ip followed by the hostname
202.123.2.1 jenkins
If you can't get through, you need to open port 8080. See https://www.vultr.com/docs/how-to-open-a-port-in-windows-firewall-on-windows-server-2012
You cannot access from outside the machine because Jenkins Service does not have credentials to use that machine, only from localhost is accessible.
This is how to enter the credentials in Jenkins service.
In the Windows search bar, type services then enter.
Then scroll down to Jenkins and double-click on it.
In Jenkins Properties, select the tab "Log On".
Select Check box "This account"
Update your username and password.
Voila! Now Jenkins web can connect to the Jenkins machine via Jenkins service.
I'm developing an MQTT based application using HiveMQ, an enterprise broker. I installed it as per the instructions here- http://www.hivemq.com/docs/hivemq/2.0.1/
When I run it using ./bin/run.sh, the server connection is immediately closed due to the error - Could not bind to all interfaces and port 1883, because it is already in use. Stopping HiveMQ
As far as I'm aware, nothing else is using this port. This happens even when I restart my computer and nothing else is running. I'm running in root mode.
Why am I getting this error?
To check if something is already running on the port, please type the following into the terminal if you happen to run a Linux / BSD / OSX:
netstat -an|grep 1883
If you're running a Windows System, type the following:
netstat -an|find "1883"
After running that command you should see which application is using port 1883.
Alternatively you could edit the configuration.properties file in you conf folder of the HiveMQ installation and set the global.port property to a port of your choice.
From those results, do you have d-bus daemon installed? I don't know much about d-bus, but have you tried disabling it or modifying the config and then see if you can restart hivemq on port 1883.
We use Jenkins 1.504 on Windows.
We need to have Master and Slave in different sub-networks with firewall in between.
We can't have ANY to ANY port firewall rules, we must specify exact port numbers.
I know the port Master is listening on.
I also see that Slave opens connection to the Master from the arbitrary port dynamically assigned every run, and port on the Master side is also arbitrary.
I can fix Master's port by specifying it in Manage Jenkins > Configure Global Security > TCP port for JNLP slave agents).
How to fix Slave port?
UPDATE: Found Connection Mechanism described here: https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+CLI#JenkinsCLI-Connectionmechanism
I think it might work for us, but still would be better to have fixed-2-fixed ports connection.
We had a similar situation, but in our case Infosec agreed to allow any to 1, so we didnt had to fix the slave port, rather fixing the master to high level JNLP port 49187 worked ("Configure Global Security" -> "TCP port for JNLP slave agents").
TCP
49187 - Fixed jnlp port
8080 - jenkins http port
Other ports needed to launch slave as a windows service
TCP
135
139
445
UDP
137
138
A slave isn't a server, it's a client type application. Network clients (almost) never use a specific port. Instead, they ask the OS for a random free port. This works much better since you usually run clients on many machines where the current configuration isn't known in advance. This prevents thousands of "client wouldn't start because port is already in use" bug reports every day.
You need to tell the security department that the slave isn't a server but a client which connects to the server and you absolutely need to have a rule which says client:ANY -> server:FIXED. The client port number should be >= 1024 (ports 1 to 1023 need special permissions) but I'm not sure if you actually gain anything by adding a rule for this - if an attacker can open privileged ports, they basically already own the machine.
If they argue, then ask them why they don't require the same rule for all the web browsers which people use in your company.
I have a similar scenario, and had no problem connecting after setting the JNLP port as you describe, and adding a single firewall rule allowing a connection on the server using that port. Granted it is a randomly selected client port going to a known server port (a host:ANY -> server:1 rule is needed).
From my reading of the source code, I don't see a way to set the local port to use when making the request from the slave. It's unfortunate, it would be a nice feature to have.
Alternatives:
Use a simple proxy on your client that listens on port N and then does forward all data to the actual Jenkins server on the remote host using a constant local port. Connect your slave to this local proxy instead of the real Jenkins server.
Create a custom Jenkins slave build that allows an option to specify the local port to use.
Remember also if you are using HTTPS via a self-signed certificate, you must alter the configuration jenkins-slave.xml file on the slave to specify the -noCertificateCheck option on the command line.
I am new to Java and I'm facing a problem in connecting a Remote Host to the JVisualVM.
I've searched the Internet and followed all the steps mentioned there but still am not able to resolve the issue. The steps I followed are:
I started the jstatd on the remote server by first creating a jstatd.all.policy file in the $JAVA_HOME/bin. The file contained: grant codebase "file:${java.home}/../lib/tools.jar" { permission java.security.AllPermission;};
I started the Jstatd as jstatd -J-Djava.security.policy=jstatd.all.policy
I started the Java application on the remote host as :
java -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9000 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false application_name
I then started as instance of the JVisualVM on my local machine and as I added the remote host, it got connected but i wasn't able to see any of the Java processes.
Can anyone please help me with this.
Thanks.
I encountered similar problems when connecting to Glassfish application server. See solutions that worked for me as they can be same for You:
Try setting on your application:
-Djava.rmi.server.hostname=*Remote_Server_External_IP_Address*
The mentioned IP address should be server external IP (may sound silly but it worked for me). The main problem in my case was JMX pointing to the localhost and looping. In config files the exact IP address should be set to the remote host. I described it as 'Problem 2' In my blog: handling connection problems
If Firewall block is an issue then I recommend trying XMing with SSH tunnel (which is simple to set). Here is instruction, if You encounter problems setting it:
Remote use of VisualVM with Xming (my blog)
Biggest advantage of using XMing is that it will work almost always when SSH is enabled. You just have to place VisualVM files on the remote host and run it from command line. XWindow will show VisualVM Window on Your local computer.
There is a chance that it is VisualVM issue - try using some other tool just to verify what is wrong. I recommend JConsole. It works similar to VisualVM and I also described details on my blog
You need to start jstatd with the additional option that points to the server's external IP or hostname:
statd -J-Djava.security.policy=jstatd.all.policy -J-Djava.rmi.server.hostname=my_server_ip/hostname
Answer based on: https://java.net/projects/visualvm/lists/users/archive/2010-03/message/8
To connect to a remote VM you have to start that remote VM with specific options:
java
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=9000
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false
class
After the VM is started, go to your VisualVM and do the following:
File -> Add JMX Connection
Type: yourHostName:9000 and click OK
On the left you will have the added JMX connection, double click on it and that's it!
More details on the Java Monitoring and Management Platform can be found here.
Here are the steps to do this:
Launch an ejstatd in your remote host this way (in ejstatd folder): mvn exec:java -Djava.rmi.server.hostname=<remote_host_name> -Dexec.args="-pr 1099 -ph 1100 -pv 1101" (used for "jstatd" type connection) (only specify -Djava.rmi.server.hostname if the hostname of your remote host does not match with the one you are seeing from your local network)
Launch your Java application with those additional Java parameters: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=1102 -Dcom.sun.management.jmxremote.rmi.port=1102 -Djava.rmi.server.hostname=<remote_host_name> (used for "JMX" type connection) (same remark as the previous point for -Djava.rmi.server.hostname)
Open those 4 ports on your remote host and make them available to your local machine: 1099, 1100, 1101 and 1102
Launch JVisualVM
Right-click on "Remote" > "Add Remote Host..." and enter your remote host name in "Host name" (if you don't use the port 1099, you can change this in the "Advanced Settings")
Right-click on the remote host you've just created > "Add JMX Connection..." and enter "<remote_host_name>:1102" in "Connection" input, and check "Do not require SSL connection"
Your Java process will appear twice: one from the "jstatd" connection type, and one from the "JMX" connection type.
Disclaimer: I'm the author of the open source ejstatd tool.
Start jstatd in nohup on the server which needs to be monitored and connect VisualVM to the jstatd port, following below steps:
Step 1 : Create start-jstatd.sh and copy the below content:
nohup jstatd -p 1099 -J-Djava.security.policy=<(echo 'grant codebase "file:${java.home}/../lib/tools.jar" {permission java.security.AllPermission;};') &
Step 2: Give executable permission to the file:
$ chmod a+rwx start-jstatd.sh
Step 3: Start jstatd:
$ sh start-jstatd.sh
Step 4: Add Remote Host in VisualVM:
Step 5: Add JMX Connection to the Remote Host, as shown in the below image and Click OK button: